SEARCH RESULTS
 
Showing 1-10 of 34 records
 
Expand article

Kaminsky on How He Discovered the DNS Flaw

2008-07-23 00:49:00 by Kim Zetter in Wired Security
 
Six months ago, security researcher Dan Kaminsky was looking for a faster way to host data on the internet. What he found was the biggest internet security hole in a decade
 
Tags: internet security hole, internet, months ago, host data, decade, faster
 
 
 
 
Expand article

Kaminsky: DNS bug tattler not the first to guess flaw details

2008-07-23 13:00:00 by Editor in Computerworld Security News
 
Dan Kaminsky, the security expert who found a critical DNS flaw and organized a massive patching effort, reiterated the need for quick patching
 
Tags: critical dns flaw, dan kaminsky, security expert, effort, massive, quick
 
 
 
 
Expand article

Kaminsky: Many ways to attack with DNS

2008-08-06 00:00:00 by Robert McMillan in Network World on Security
 
There were 6 a.m. calls from Finnish certificate authorities and also some pretty harsh words from his peers in the security community, even an accidentally leaked Black Hat presentation, but after managing the response to one of the most highly publicized Internet flaws in recent memory, Dan Kaminsky said Wednesday that he'd do it all over again
 
Tags: pretty harsh words, black hat presentation, internet flaws, security community, recent memory, dan kaminsky, peers, finnish, calls
 
 
 
 
Expand article

Security Matters: Lesson From the DNS Bug: Patching Isn't Enough

2008-07-23 19:00:00 by Bruce Schneier in Wired Security
 
...Kaminsky about six months ago have leaked. Hackers are racing to produce exploit code, and network operators who haven't already patched the hole are scrambling to catch up. The whole mess is a good illustration of the problems with researching and disclosing flaws like this The details of the vulnerability aren't important, but basically...
 
Tags: security, security engineer, security engineer brings, security holes, smart design choice, design, security engineers, kaminsky, dan kaminsky
 
 
 
 
Expand article

The DNS Vulnerability

2008-07-29 06:01:52 by schneier in Schneier on Security
 
...Kaminsky about six months ago have leaked. Hackers are racing to produce exploit code, and network operators who haven't already patched the hole are scrambling to catch up. The whole mess is a good illustration of the problems with researching and disclosing flaws like this The details of the vulnerability aren't important, but basically...
 
Tags: vulnerability, kaminsky, dan kaminsky, details, critical internet vulnerability, bank account details, discover kaminsky, patch, release details
 
 
 
 
Expand article

Is there any reason to go to Black Hat still?

The Article has images
2008-07-23 07:58:05 by HASH0x8b10820 in StillSecure, After All These Years
...Kaminsky's research was exemplary, but his naivete about people keeping the exploit under thier hat was not. While Thomas Matasano apologized for his mistake , frankly from the moment Havlar Flake begain speculating on it, it was just a matter of time Anyway, the cat is out of that bag, but something tells me that Dan K's presentation will...
 
Tags: dns flaw, dns flaw public, dns, dns bug, black hat, dns leak, kaminsky, kaminsky hack, major internet flaw
 
 
 
 
Expand article

Is there any reason to go to Black Hat still?

The Article has images
2008-07-23 07:41:47 by ashimmy in StillSecure, After All These Years
...Kaminsky's research was exemplary, but his naivete about people keeping the exploit under thier hat was not. While Thomas Matasano apologized for his mistake , frankly from the moment Havlar Flake begain speculating on it, it was just a matter of time Anyway, the cat is out of that bag, but something tells me that Dan K's presentation will...
 
Tags: dns flaw, dns flaw public, dns, dns bug, black hat, dns leak, kaminsky, kaminsky hack, major internet flaw
 
 
 
 
Expand article

Hacking ISP Error Pages

2008-04-24 06:43:52 by schneier in Schneier on Security
 
...Kaminsky demonstrated the vulnerability by finding a way to insert a YouTube video from 80s pop star Rick Astley into Facebook and PayPal domains. But a black hat hacker could instead embed a password-stealing Trojan. The attack might also allow hackers to pretend to be a logged-in user, or to send e-mails and add friends to a Facebook...
 
Tags: server, dns server tells, official google site, site, dns, real paypal page, paypal, google, logged-in user
 
 
 
 
Expand article

Massive Coordinated Patch Effort To DNS System Flaw

2008-07-08 17:56:25 by Editor in Cheap Hack
 
...Kaminsky of IOActive , Paul Vixie of Internet Systems Consortium (ISC) and Daniel J. Bernstein for the research. It also earlier mentions Amit Klein for work he did on one of the constituent attacks. According to CircleID, Kaminsky will reveal details of the attack in 30 days after users and vendors have had a fair shot at patching it
 
Tags: microsoft monthly patches, microsoft, dns servers, isc bind, isc, servers, attacks, internet systems consortium, status